Security Analyst

Join our team at Core One! Our mission is to be at the forefront of devising analytical operational and technical solutions to our Nations most complex national security order to achieve our mission Core One values people first! We are committed to recruiting nurturing and retaining top talent! We offer a competitive total compensation package that sets us apart from our competition. Core One is a team-oriented dynamic and growing company that values exceptional performance!

Clearance Required: Active TS/SCI with Polygraph

Summary

We are seeking a Security Analyst to support cybersecurity operations compliance and risk management for FedRAMP-authorized and Intelligence Community (IC) systems. This role is responsible for ensuring systems meet stringent federal security requirements while enabling secure scalable and compliant cloud and on-premises solutions.

The ideal candidate brings deep expertise in NIST frameworks FedRAMP authorization processes continuous monitoring (ConMon) and ATO lifecycle management along with the ability to operate in classified or high-security environments.

Key Responsibilities

• Lead and support FedRAMP Moderate/High and IC ATO authorization processes
• Develop review and maintain security documentation: System Security Plans (SSP) Security Assessment Reports (SAR) Plan of Action & Milestones (POA&M)
• Ensure compliance with NIST SP 800-53 / 800-37 RMF FedRAMP baselines ICD 503
• Perform risk assessments control assessments and gap analyses
• Implement and manage RMF lifecycle activities (Categorize Monitor)
• Track and manage POA&M remediation activities
• Facilitate security control inheritance and shared responsibility models
• Execute continuous monitoring strategies and reporting
• Analyze security posture using Vulnerability scans and Configuration compliance
• Produce monthly/quarterly ConMon deliverables
• Monitor and analyze security events and alerts
• Support incident response and forensic analysis
• Coordinate with SOC teams and stakeholders for threat mitigation
• Conduct root cause analysis and lessons learned
• Secure cloud environments aligned with FedRAMP controls
• Implement identity and access controls
• Support 3PAO assessments and audits
• Prepare evidence artifacts for FedRAMP JAB/Agency ATO reviews and Inspector General (IG) audits
• Coordinate with internal/external auditors
• Utilize security tools for monitoring and compliance: Splunk Sentinel Vulnerability management tools RSA Archer ServiceNow
• Support automation of compliance and reporting workflows
• Act as liaison between Engineering teams ISSOs / ISSMs and Compliance and audit teams
• Provide security guidance during system design and change management
• Mentor junior analysts and support team development
• Promote a culture of security-first engineering and compliance excellence
• Contribute to security governance and policy development

Qualifications

• Active TS/SCI with Polygraph
• Bachelors degree or higher in Cybersecurity IT or related field and 5 years experiencein Cybersecurity in federal or IC environments
• OR Masters and 3 years of experience in Cybersecurity in federal or IC environments
• Strong Knowledge of NIST RMF (800-37) NIST 800-53 controls and FedRAMP requirements
• At least one of the following certifications: CISM or CISA CompTIA Security (baseline) Certified Authorization Professional (CAP) CCSP (cloud security)
• Experience in the following tools: NIST 800-53 RMF FedRAMP ICD 503 RSA Archer ServiceNow GRC Splunk Azure Sentinel Nessus ACAS AWS GovCloud Azure Government GCP SCAP STIG Viewer

Desired Qualifications

• Experience with cloud-native security tools
• Knowledge of Zero Trust Architecture
• Experience with cross-domain solutions
• Experience with ICD 503
• Familiarity with DevSecOps pipelines in regulated environments

Core One is anEqual Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex gender identity sexual orientationnational origin or protected veteran status and will not be discriminated against on the basis of disability.

PRESENT

PRESENTPRESENTPRESENTPRESENTPRESENTPRESENT